InfoSecBulletin Cybersecurity for mankind
New guidance on ransomware, released during this week’s International Counter Ransomware Initiative (CRI) meeting, encourages victims to report attacks to law enforcement promptly and to consult more advisors before deciding to pay a ransom.
Cybersecurity experts from about 70 countries are gathering at the White House this week for the fourth International Counter Ransomware Initiative meeting. This annual event, initiated in 2021, aims to tackle recent ransomware attacks and develop new mitigation strategies.
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
The UK and Singapore governments released voluntary guidance to help victims of ransomware attacks respond effectively and reduce the impact.
Victims are urged to report attacks and ransom demands to law enforcement and cyber insurance providers. While paying ransoms is not recommended, if victims choose to do so, they should ensure it could positively impact the situation and meets local regulations.
“External experts such as insurers, national technical authorities, law enforcement or cyber incident response companies familiar with ransomware incidents can improve the quality of decision-making,” according to the new guidance. Officials also pointed out that paying the ransom does “not guarantee access to your devices or data.”
Ransomware victims should document their incident response, decisions for mitigating the attack, and any collected data for future reviews. They must also be aware of the regulatory penalties for data breaches.
“Overall, the advice feels complete and aligned,” said Casey Ellis, founder and chief strategy officer at Bugcrowd. “The only change I would consider would be to move the record-your-decision-making to the top of the list. Dealing with these types of incidents can very easily and quickly create a fog-of-war effect inside a ransomed organization.”
Participants at the event worked on various initiatives, such as finalizing a project on secure software and labeling principles by the U.K. and U.S. governments. They also announced the launch of an information-sharing member portal by Australia and a new U.S. government fund to enhance members’ cybersecurity capabilities.
The updated guidance was released following a joint effort by the U.S., U.K., and European governments to arrest and indict members of the Russian cybercriminal underground, including targets like LockBit and Evil Corp.
The U.K. NCSC and the White House did not immediately respond to requests for comments from Information Security Media Group.
